2 comments:

Hi Doug, I had a question - it's related to Sguil as opposed to Security Onion, but maybe you can point me in the right direction?

I am following the directions at http://taosecurity.blogspot.com/2006/03/new-sguil-vm-available-for-testing.html. At the following prompt in Xterm:

Taosecurity:/home/analyst$

I enter su - root. It asks for a password, so I reply with r00t. The system prompts me with

Taosecurity:/root#

so I respond with sancp_start.sh, and it responds with "sancp_start.sh: Command not found" and puts me back at the root prompt. I have tried the rest of the commands, snort_start.sh and /usr/local/bin/log_packets.sh restart, and in both cases it again tells me the command is not recognised.

I posted to a Sourceforge forum, but since that forum hadn't been answered in 6 years, someone suggested that I try your Security Onion site.

Can you tell me what I'm doing wrong, please, or direct me towards a good forum?

Security Onion

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!